Discussion: New virus hacking bank accounts

A new computer virus, dubbed Gauss, has been discovered in the Middle East. Researchers say can it steal banking credentials and hijack login information for social networking sites, email and instant messaging accounts.

Cyber security firm Kaspersky Lab said Gauss is the work of the same "factory" or "factories" that built the Stuxnet worm, which attacked Iran's nuclear program. Here are some key facts about Gauss, according to Kaspersky Lab.

What is its purpose? Gauss is a surveillance tool. It steals credentials for hacking online banking systems, social networking sites and email accounts; it also gathers information about infected PCs, including web browsing history, system passwords and the contents of disk drives.

Can it do anything else? There is a mysterious module, known as Godel, that copies malicious code onto USB drives when they are plugged into infected PCs. Godel's purpose is unknown because some of its code is compressed and scrambled using a sophisticated encryption method. It only activates when it infects a predetermined target. Researchers have not identified the target or figured out its mission. Kaspersky Lab senior researcher Roel Schouwenberg said he believes it may be a "warhead" designed to damage industrial control systems.

How many victims are there? Kaspersky Lab has uncovered more than 2,500 computers infected with Gauss since late May. It estimates the total number of victims is in the tens of thousands. The largest number of infections were found were in Lebanon, followed by Israel and the Palestinian Territories.

Is Gauss still a threat? Yes. Infected USB drives could still launch attacks. Servers that controlled infected machines were shut down in July, so it is unlikely that any more information will be stolen from the surveillance part of the operation.

Why is it called Gauss?The virus is built using modules with internal names that appear to be inspired by famous mathematicians and philosophers, including Kurt Godel, Johann Carl Friedrich Gauss and Joseph-Louis Lagrange. Kaspersky named the entire operation after the Gauss component as it implements the data-stealing capabilities

Get link

Facebook

Twitter

Pinterest

Google+

Email

Other Apps

Comments

Post a Comment

Popular posts from this blog

This is a quick tutorial for implementing graph data
structure with adjacency list representation. Once I was looking on the web to
have a simple introductory tutorial on graphs, but unfortunately couldn’t find
one simple enough. So I decided to write this.
In the adjacency list representation,

èAll the vertices are stored in an array of
structure containing ‘data’ and ‘link’ fields.

èThe linked chains represent the edges of a
vertex with its neighbors.
In the figure, there are 6 vertices,
represented by the array of length 6, and the chains represent the edges.
Below is another example:

Let us first define the structure of a vertex in a graph.

struct vertex { int vertexKey; struct edge *edgePtr; }vertex;

The
vertexKey is the data field of the vertex, and edgePtr is the edge pointer,
declared next.

Target audience for this tutorial
People familiar with Spring and databases, and willing to use Amazon DynamoDB as datastore.

Technologies usedSpring BootGradleJetty server

Amazon ToolsAmazon DynamoDBAmazon AWS SDKAmazon IAM

Steps
1. Creating DynamoDB table
At this point it is assumed that you have a working AWS account. Go to DynamoDB console from you AWS dashboard. In my case the direct URL was https://us-west-2.console.aws.amazon.com/dynamodb/home?region=us-west-2
You may need to subscribe to the service if you are there for the first time. Go ahead and create a table. You won't be charged until you create a table from the console. At this time create a basic table with an index. You can later edit it to add additional fields.
If the table is 'ACTIVE', browse it and add a new test item.
Now you have enough data to be accessed from you local instance to test.
2. Creating IAM User
For you to access dynamoDB from your spring application, you will need a secret id and secr…

When I (Anil Kishore) started taking part in algorithmic programming contests, for more than two years, it was just me, lot of problems, very few algorithms, my ideas and my Java codes. With that, I would have probably been still a green rated coder, working for a software company in Bangalore after moving between two or three places, still in search of the right things to do. But why ? Problems, Algorithms, my Ideas and my Codes.. what else I need ? This is where many Indian coders make mistake. Almost two years after joining TopCoder (TC), I started interacting with fellow coders, knowing more about them, reading lots of others codes, being active in forums and part of the wonderful community. That was the crucial part of my career so far. TC has some interviews of foreign coders and they are very interesting to read. Knowing more about our own Indian coders will be more fun, especially for beginners to get inspired. This is the least I can contribute to the wonderful community that…